Spam and suspicious emails

Gmail automatically helps identify spam and suspicious emails by detecting viruses, finding patterns across messages, and learning from what Gmail users like you commonly mark as spam or phishing.

If you click your Spam label and open one of the messages, you'll see a warning label at the top with a brief explanation about why that particular message was placed in Spam. If we think something is suspicious, we’ll mark the message with a warning label in your inbox for you.

Use this information to protect yourself from potentially dangerous or fraudulent messages and to better understand why a message was or wasn't marked as spam.

If you see a warning that someone might be trying to trick you by using similar-looking characters in the email addresses of a message, you should take a close look at the sender's email address and the addresses of anyone else the email has been sent to. The addresses might be different than they seem.

What you need to know:
Sometimes, the difference is easy to spot if you look carefully. For example, someone might use a Greek character ("Σ") for the Latin character "E". In other situations, it's impossible to detect the difference. For instance, the Greek character ("ο") looks exactly the same as the Latin character "o". For example, it might seem as if the sender is sending from an address like example@google.com, but they've actually used the Greek character "o" instead of the Latin character "o".

Actions you can take:
We recommend that you be wary of any messages that display this warning, and verify any links in the message before clicking them. Google will never ask for your password or personal information over email.

If you happen to notice a spoofed email address, but it’s not marked with a warning, be sure to report it as spam. Reporting these emails as spam helps us get better at detecting these types of potentially dangerous or fraudulent messages.
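The similar-looking character check described above can be approximated by looking for address parts that mix alphabets. This is an added example, not Gmail's own detection code; the function names and sample addresses are made up for illustration, and the list of scripts is a small assumed subset.

```python
import unicodedata

# Scripts to tell apart; an illustrative subset, not a full confusables table.
SCRIPTS = ("LATIN", "GREEK", "CYRILLIC", "ARMENIAN")

def char_script(ch):
    """Script of a letter, taken from its Unicode name; None for digits and punctuation."""
    if not ch.isalpha():
        return None
    name = unicodedata.name(ch, "")
    return next((s for s in SCRIPTS if name.startswith(s)), "OTHER")

def to_unicode(label):
    """Decode a punycode ('xn--') domain label so its real characters are inspected."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed label: inspect it as written
    return label

def mixed_script_labels(address):
    """Return (label, {script: [chars]}) for every part of the address that mixes scripts."""
    local, _, domain = address.rpartition("@")
    findings = []
    for label in [local] + [to_unicode(part) for part in domain.split(".")]:
        scripts = {}
        for ch in label:
            script = char_script(ch)
            if script:
                scripts.setdefault(script, []).append(ch)
        if len(scripts) > 1:
            findings.append((label, scripts))
    return findings

if __name__ == "__main__":
    # Constructed samples: the second uses Greek omicron (U+03BF) in place of Latin "o".
    for addr in ("example@google.com", "example@g\u03bfogle.com"):
        for label, scripts in mixed_script_labels(addr):
            detail = ", ".join(f"{s}: {[hex(ord(c)) for c in cs]}" for s, cs in scripts.items())
            print(f"{addr!r}: label {label!r} mixes scripts ({detail})")
```

A part written entirely in one non-Latin script is not flagged by this check, so it complements a careful look at the address rather than replacing it.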

Some spammers send fraudulent messages that try to trick you into sharing personal information like passwords or credit card numbers. This practice is called phishing.

What you need to know:
We strongly recommend that you avoid clicking links in these messages and do not reply to them. Spammers can send messages that appear to be from a person or company that you know, and might even hack into someone's email and send messages from that account. Therefore, please be wary of these messages, even if you know the sender. Please know that Google will never ask for your password or sensitive information over email.

Actions you can take:
If the message seems like an attempt to get your personal information, help our system learn from such attempts by reporting the message as phishing:

In Gmail, open the message you'd like to report.

Click the down arrow next to “Reply” at the top-right of the message pane.

Select Report Phishing.

If the message is clearly not malicious, you can click the "Not spam" button to move the message out of Spam and into your Inbox. You can also select "Report not phishing" to let us know that the message is legitimate (click the down arrow next to "Reply" to see this option). By marking the message as not spam or phishing, Gmail's system will learn from that example and be more accurate in marking messages in the future. There are also some things you can do to prevent legitimate email from being marked as spam.

Spammers can forge a message to make it look like it's sent by a real website or company that you might trust. To help protect you from such messages, Google tries to verify the real sender using email authentication.

The authentication process tries to verify the real sender by looking at a message's authentication data. This data should be included in a message's "signed-by" or "mailed-by" headers (shown beneath the subject line when you look at a message's details). When the sender doesn't include this data, we can't be sure whether or not the message was forged. For example, a message might claim to be from a Gmail address, but we can't confirm that claim if the message doesn't have authentication data.

Several highly phished domains have asked Gmail to enforce strict authentication checks on their mail. These domains include eBay, PayPal, and Google. All unauthenticated messages from these domains will be immediately sent to the spam folder. For more information, check out the Gmail blog or the DMARC site.

Missing authentication data can appear on legitimate messages as well as malicious ones. For example, Gmail might not be able to verify a message that was sent through a website (like when a friend shares a news article through an online newspaper), a message that was automatically forwarded (like from your school email address to your personal Gmail address), or a message sent to a mailing list.
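The difference between an authenticated message, one whose authentication data points at another domain, and one with no data at all can be seen by reading the results a receiving server records in the Authentication-Results header. This is an added example, not Gmail's code: the server name, domains and messages are constructed, and it assumes "signed-by" reflects the DKIM signing domain and "mailed-by" the SPF-checked envelope domain.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.receiver.example"  # assumed name of your own receiving server

def auth_summary(raw, trusted=TRUSTED_AUTHSERV):
    """Summarise SPF/DKIM results recorded by the trusted receiving server."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, rest = header.partition(";")
        if authserv.strip().lower() != trusted:
            continue  # not written by our server, so the sender could have added it
        for clause in rest.split(";"):  # simplification: assumes no ';' inside comments
            m = re.match(r"\s*(spf|dkim|dmarc)=(\w+)", clause)
            if m:
                props = dict(re.findall(r"(\w+\.\w+)=(\S+)", clause))
                results[m.group(1)] = (m.group(2).lower(), props)

    def passed_domain(method, prop):
        result, props = results.get(method, ("none", {}))
        if result != "pass":
            return None
        return props.get(prop, "").rpartition("@")[2].lower() or None

    signed_by = passed_domain("dkim", "header.d")
    mailed_by = passed_domain("spf", "smtp.mailfrom")
    if not results:
        verdict = "unverified"     # no data: cannot tell forged from legitimate
    elif from_domain and from_domain in (signed_by, mailed_by):
        verdict = "authenticated"  # exact domain match only (stricter than relaxed DMARC)
    else:
        verdict = "suspicious"     # data exists but does not vouch for the From domain
    return {"from": from_domain, "signed_by": signed_by,
            "mailed_by": mailed_by, "verdict": verdict}

# Constructed sample messages.
GENUINE = ("Authentication-Results: mx.receiver.example; dkim=pass header.d=shop.example;"
           " spf=pass smtp.mailfrom=bounce@shop.example\n"
           "From: Shop <news@shop.example>\n\nYour order has shipped.\n")
MISMATCH = ("Authentication-Results: mx.other.example; dkim=pass header.d=shop.example\n"
            "Authentication-Results: mx.receiver.example; dkim=none;"
            " spf=pass smtp.mailfrom=x@bulk.example\n"
            "From: Shop <security@shop.example>\n\nConfirm your password.\n")
FORWARDED = "From: Friend <friend@school.example>\n\nForwarded article.\n"
```

Only the header written by your own server is read, because a sender can put any Authentication-Results line of their own into a message.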

What you need to know:
It's important to be on alert for phishing scams, messages that try to trick you into sharing personal information like your passwords or credit card details, visiting a malicious website, or accepting a computer virus. Spammers can send messages that appear to be from a person or company that you know, and might even hack into someone's email and send messages from that account. Therefore, be wary of these messages, even if you know the sender. Please know that Google will never ask for your password or personal information over email.

For any suspicious messages, we recommend that you avoid clicking links and attachments and do not reply to the message.

Actions you can take:
If the message seems like an attempt to get your personal information, help our system learn from such attempts by reporting the message as phishing:

In Gmail, open the message you'd like to report.

Click the down arrow next to “Reply” at the top-right of the message pane.

Select Report Phishing.

If you see unauthenticated messages that you know are legitimate in Spam, there might be an issue on the sender’s side, or with your settings. If you're confident that the message is not malicious, click the Not spam button to move the message out of Spam and into your Inbox.

To prevent these types of messages from being classified as spam in the future, you can do one of the following:

You previously marked these messages as spam by clicking the "Report spam" or "Report phishing" button. Both actions will send the message to your Spam folder and remove it from your Inbox.

What you need to know:
After you report spam for several messages from the same sender, our system will learn from your behavior and might continue placing that sender's messages in Spam even if you don't specifically report them.

Also know that you can create filters to route certain messages from Spam to your Inbox, or route spam messages to your Trash. We'll let you know whenever your filters caused a message that our system identified as spam to be moved to your Inbox; if you want those messages to stay in Spam, consider changing your filters.

Actions you can take:
If you don't want the message to be in Spam, click the "Not spam" button to move it into your Inbox. If you mistakenly marked it as a phishing scam, please click the down arrow next to "Reply" at the top-right of the message pane, and select "Report not phishing" to let us know that the message is legitimate. By reporting that a message is not spam or phishing, you'll help teach Gmail's system what to do when it sees a similar message in the future.

Gmail uses automated spam detection systems to analyze patterns and predict what types of messages are fraudulent or potentially harmful. Here are just a few of the things our system considers when marking a message as spam:

Content that's usually associated with spam such as mature content and "get rich quick" schemes

Messages that falsely appear to be a "bounced message" response (a system-generated email that you might automatically get after sending a message that can't be delivered such as a message sent to an invalid email address)

Messages sent from accounts or IP addresses that have sent other spam messages

Behavior of other Gmail users, such as many people reporting spam from a particular sender

Similarity to other spam or phishing messages based on a combination of things like subject matter, elements like spelling and formatting, and suspicious attachments

What you need to know:
It's important to be on alert for phishing scams, messages that try to trick you into sharing personal information like your passwords or credit card details. For any suspicious messages, we recommend that you avoid clicking links or attachments in these messages and do not reply to them. Please know that Google will never ask for your password or personal information over email.

Actions you can take:
If the message seems like an attempt to get your personal information, mark "Report phishing" to help our system learn from such attempts.

If you're confident that the message is not malicious, you can click the "Not spam" button to move the message out of Spam and into your Inbox. There are also some things you can do to prevent legitimate email from being marked as spam.

If your organization uses Gmail, the administrator within your group can decide what messages will not be marked as spam.

What you need to know:
These messages are routed to your Inbox according to your organization's request rather than Gmail's automated spam detection system. Therefore, it's possible that you might see spam messages routed to your Inbox.

Actions you can take:
If you see messages in your Inbox that don't belong there, you can contact your mail administrator and ask for the domain policy to be changed.

If the message seems like spam but isn't in your Spam folder, click the "Report spam" button (plus mark "Report phishing" for messages trying to get your personal information).

An email with no content in the subject and body of the message might be classified as spam. Spammers may send blank messages accidentally due to an error, or on purpose to collect a list of valid email addresses to spam in the future.

What you need to know:
For any suspicious messages, we recommend that you do not reply to the message.

Actions you can take:
If the message is from a person you know or you're confident that the message is not malicious, you can click the Not spam button to move the message out of Spam and into your Inbox. There are also some things you can do to prevent legitimate email from being marked as spam.

What you need to know:
If a sender continues to send you email after you tried to unsubscribe from their messages, new messages from this sender will go directly to Spam.

Actions you can take:
If you decide that you do want emails from this sender, go to the sender's website and sign up for emails again. Then make sure to check your Spam and mark these messages as Not spam.